Hi [[ session.user.profile.firstName ]]

Surviving the incident response surge: Detecting and Investigating Incidents

As security incidents grow in frequency and complexity businesses struggle to be prepared to respond and mitigate the threat. Incident detection and response is expected to take up the majority of security budgets by 2020 but solutions are siloed and specialized staff is hard to hire and retain. How can security professionals who may not be experts in incident response detect and assess the scope of potential incidents or breaches effectively? This case study will explore this question leveraging real-world examples that illustrate how to confidently detect and respond to security incidents 10x faster.

Participants will learn:
· Methods for simplified discovery of anomalous user behavior

· Strategies for enabling fast incident response decisions

· How to cope when bombarded with false positive alerts

· Common attacker methods (and why they’re so often successful)

· Why you need to monitor privileged and risky accounts
Recorded Jul 29 2015 50 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Christian Kirsch, Principal Product Marketing Manager, Rapid7
Presentation preview: Surviving the incident response surge: Detecting and Investigating Incidents

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Back to Basics: Defense-In-Depth to Maximize the ROI of Your Security Program Recorded: Aug 27 2015 60 mins
    Wade Woolwine, Manager of Strategic Services at Rapid7 | Mike Scutt, Senior Consultant, Strategic Services at Rapid7
    Non-targeted, opportunistic, targeted, and insider are 4 threat types, or groupings, that have been understood by the security community at large for years. These groupings of threats are largely based on motivation, prevention, detectability, cost, and impact to those affected. On the defensive side, the concept of defense in depth where you secure the outer perimeter to prevent threats, monitor the interior perimeter for anomalous behavior, and apply tight restrictions to the most sensitive data and system has also been a proven approach to minimizing the impact of threats.

    Join Wade Woolwine and Mike Scutt from Rapid7’s threat detection and incident response team to discuss how making threat groupings, the attack lifecycle, and defense in depth part of your overall security program planning can help you apply your resources in a way to maximize prevention, detection, and response for a more effective ROI.
  • Surviving the incident response surge: Detecting and Investigating Incidents Recorded: Jul 29 2015 50 mins
    Christian Kirsch, Principal Product Marketing Manager, Rapid7
    As security incidents grow in frequency and complexity businesses struggle to be prepared to respond and mitigate the threat. Incident detection and response is expected to take up the majority of security budgets by 2020 but solutions are siloed and specialized staff is hard to hire and retain. How can security professionals who may not be experts in incident response detect and assess the scope of potential incidents or breaches effectively? This case study will explore this question leveraging real-world examples that illustrate how to confidently detect and respond to security incidents 10x faster.

    Participants will learn:
    · Methods for simplified discovery of anomalous user behavior

    · Strategies for enabling fast incident response decisions

    · How to cope when bombarded with false positive alerts

    · Common attacker methods (and why they’re so often successful)

    · Why you need to monitor privileged and risky accounts
  • What Is New in PCI DSS 3.0?: Must Know Insider Info Recorded: Jan 23 2014 45 mins
    Didier Godart, Author of the PCI 30 Seconds Newsletter and Nate Crampton, Product Marketing Manager, Rapid7
    Get the “must know” details about PCI DSS 3.0 from one of the original authors of PCI DSS 1.0. PCI expert, Didier Godart, explains:
    Which changes are most significant
    How the changes will impact you & what actions you need to take
    How to incorporate the updates into your priorities
    The latest changes to PCI DSS 3.0 involve clarifications, additional guidance, evolving requirements, better documentation and scoping, and importantly –necessary action from IT and security teams.
  • Deception, Data and the Cloud: Industry Tips and Trends for Managing User Risk Recorded: Jan 8 2014 59 mins
    John Kindervag, principal analyst at Forrester research and Jay Roxe, Sr. Director of Products at Rapid7
    It’s a tough series of facts: Your users are using passwords that get compromised in the megabreaches, putting corporate data at risk by using unapproved cloud services, and falling for phishing attacks. Users are the largest risk to your data security, but your existing tools may be focused within the firewall and failing to secure user activity across on-premise, cloud and mobile environments.

    Watch this on-demand webcast presented by John Kindervag, principal analyst at Forrester research, and Jay Roxe, Sr. Director of Products at Rapid7, for a wide-ranging discussion of best practices to secure user data in your environment. Attendees will learn about:

    -Current trends in the security landscape driving the need for broader visibility
    -How attackers are adapting methods from brute force to deception and what that means for you
    -Why monitoring should be done across on premise, mobile and cloud environment
    -Best practices for identifying and mitigating user risk
  • Bait the Phishing Hook: How To Write Effective Social Engineering Emails Recorded: Dec 12 2013 47 mins
    Chris Hadnagy, Chief Human Hacker, Social-Engineer, Inc. and Christian Kirsch, Senior Product Marketing Manager, Rapid7
    Phishing is used in more than 9 out of 10 targeted attacks, making them an important part of your security assessments and user education. In this webinar for security professionals, Chris Hadnagy talks about how to write effective social engineering emails both for phishing campaigns as part of a penetration test and for simulated phishing campaigns to measure awareness.



    Participants will learn about:

    Latest phishing trends from cyber-criminals and foreign nations
    Using spear phishing in targeted attacks as part of your security assessments
    How to run phishing simulations to measure user awareness
    Social engineering approaches to trigger user behavior
    Examples of field-proven phishing emails
Rapid7
Rapid7

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Surviving the incident response surge: Detecting and Investigating Incidents
  • Live at: Jul 29 2015 6:00 pm
  • Presented by: Christian Kirsch, Principal Product Marketing Manager, Rapid7
  • From:
Your email has been sent.
or close